Tenant user roles and permissions
The user roles for tenant users differ from those of on-premises users.
Each tenant role has permissions that determine what features you as a tenant user can view and what tasks you can perform. For example, Access Manager users can create accounts, but Application Owners cannot access account access features.
The following table lists the tenant user roles and their permissions.
Tenant roles and permissions matrix
Permission → Role ↓ | User | Watchpoint | Dashboard | Data | Accessibility |
|---|---|---|---|---|---|
Access Manager | ✅️ |
|
|
|
|
Application Owner |
| ✅️ | ✅️ | ✅️ | ✅️ |
Observer |
|
| ✅️ | ✅️ | ✅️ |
The user with the Access Manager role can assign one of the following roles to other tenant users:
- Access Manager — Performs user management for the tenant, including creation, editing, and deletion of other Access Manager accounts. The first Access Manager user is created by the tenant's provider, but Access Managers can create other Access Manager users.
- Application Owner — Configures Watchpoints and dashboards for the tenant and runs Performance Analytics Engine queries. When an Application Owner user launches the Real User Analyzer from the BMC Application Performance Management Console, that user has Operator permission on the Analyzer.
- Observer — With the exception of configuring Watchpoints, can perform the same tasks as Application Owner. Observer users who launch the Real User Analyzer from the BMC Application Performance Management Console also have Observer permission on the Analyzer.
Related topics
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*